Unable to bind specific network interface to logstash

hari97 · November 30, 2021, 2:32pm

I don't have much routing tables in my ELK setup and firewall is inactive.

This is my tcpdump for 5000 port:

listening on eth2, link-type EN10MB (Ethernet), capture size 262144 bytes
14:27:01.819435 IP 192.168.129.1.49666 > ELK.5000: UDP, length 105
14:27:01.819512 IP 192.168.129.1.49666 > ELK.5000: UDP, length 110
14:27:02.026195 IP 192.168.129.1.49666 > ELK.5000: UDP, length 164
14:27:02.059464 IP 192.168.129.1.49666 > ELK.5000: UDP, length 63
14:27:02.082236 IP 192.168.129.1.49666 > ELK.5000: UDP, length 121

When I go inside the container of logstash, I could see the same dump.
tcpdump inside the container:

listening on eth2, link-type EN10MB (Ethernet), capture size 262144 bytes
14:30:20.060804 IP 192.168.129.1.49666 > ELK.commplex-main: UDP, length 135
14:30:20.060858 IP 192.168.129.1.49666 > ELK.commplex-main: UDP, length 99
14:30:20.138807 IP 192.168.129.1.49666 > ELK.commplex-main: UDP, length 104

I feel this is making some difference.

Topic		Replies	Views
Multiple network interfaces settings and X-PACK Logstash	3	992	May 9, 2018
Http_host only binds to 127.0.0.1 Logstash	5	2714	July 20, 2018
Logstash IPV4 bind issue Logstash	7	5097	May 26, 2021
Need to bind logstash to eth0 Logstash	12	1917	January 14, 2022
Collect logs from two NIC cards on same server Logstash	12	2336	December 7, 2017

Unable to bind specific network interface to logstash

Related topics